Luigi Auriemma reported a possible buffer overflow in theMBHttp: ownload function of lib/http.cpp as well as several possiblebuffer overflows in lib/rdfparse.c.

Impact======

A remote attacker could be able to execute arbitrary code or causeDenial of Service by making use of an overly long "Location" header inan HTTP redirect message from a malicious server or a long URL inmalicious RDF feeds.

This GLSA and any updates to it are available for viewing atthe Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200610-09.xml

Concerns?=========

Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttp://bugs.gentoo.org.